What Is Zero-Knowledge Proof?
A zero-knowledge proof (ZK proof, ZKP) is a cryptographic method for proving the validity of a statement without revealing information about the statement.
How can someone know that a statement is true or false without having access to any information about the statement? The way ZK proofs work is that there is a ‘prover’ and a ‘verifier.’ Let’s look at an example of a ZK proof at work:
In this example, you are the ‘prover,’ and the social media company is the ‘verifier.’ The ZK proof allowed you to verify your identity without giving away any personal information. This way, your personal information will not get leaked in case the social media company ever experiences a data breach or a hack.
Now that you get the gist of the power of this privacy-preserving technology, let’s dive into the technical details and the definition of zero-knowledge proofs.
How Does Zero-Knowledge Proof Work?
A ZK proof is a proof of the validity of a statement. The innovation lies in eliminating the need to reveal information in order to prove that validity.
A ZK proof is made up of three elements:
- Witness: The witness is the hidden information of the proof. A ZK proof is initiated when a prover (the party who knows this information) establishes a set of questions that can only be answered by someone who knows the hidden information.
- Challenge: A verifier randomly picks questions (mathematical problems) and asks the prover to answer them.
- Response: The prover calculates the answer and sends it back to the verifier. The verifier asks the prover more questions in order to lower the possibility of the prover faking the knowledge. These interactions continue until the verifier is satisfied.
The multiple interactions between the prover and verifier are how an ‘interactive ZK protocol’ works.
Advancements in the field have given rise to ‘non-interactive ZK protocols’ that require the prover and verifier to interact only once.
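The witness, challenge and response steps above, and the single-message variant, shown as an added example that is not from the original article. It uses the Schnorr identification protocol for the interactive case and the Fiat-Shamir transform for the non-interactive case, two standard constructions the article does not name; the group parameters and all function names are assumptions chosen for illustration.

```python
import hashlib
import secrets

# Toy parameters (assumptions, not from the page): Mersenne prime modulus,
# base 3, exponents reduced mod P-1. Real systems use standardized groups.
# Statement being proved: "I know the witness x such that y = G^x mod P".
P = 2**127 - 1
Q = P - 1
G = 3

def commit():
    """Prover's first message: fresh nonce r, commitment t = G^r mod P."""
    r = secrets.randbelow(Q)
    return r, pow(G, r, P)

def respond(r, c, x):
    """Response to challenge c; the one-time nonce r masks the witness x."""
    return (r + c * x) % Q

def verify(y, t, c, s):
    """Verifier's check: G^s == t * y^c (mod P)."""
    return pow(G, s, P) == (t * pow(y, c, P)) % P

def forge(y, guess):
    """Prover without x: choose s, then back-compute t for a guessed c."""
    s = secrets.randbelow(Q)
    return (pow(G, s, P) * pow(y, -guess, P)) % P, s

def interactive(x, y, rounds=20):
    """1-bit challenges: a forger passes each round with probability 1/2."""
    for _ in range(rounds):
        r, t = commit()
        c = secrets.randbelow(2)  # verifier's random challenge
        if not verify(y, t, c, respond(r, c, x)):
            return False
    return True

def fs_challenge(y, t):
    """Fiat-Shamir: hash the transcript instead of asking a verifier."""
    data = b"|".join(str(v).encode() for v in (P, G, y, t))
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def prove_ni(x, y):
    """Non-interactive proof (t, s), sent as a single message."""
    r, t = commit()
    return t, respond(r, fs_challenge(y, t), x)

def verify_ni(y, t, s):
    return verify(y, t, fs_challenge(y, t), s)
```

A forged commitment from `forge` verifies only when the verifier's challenge equals the guess, which is why repeating the round shrinks a cheater's odds to 2^-rounds; each nonce `r` must be used for one response only, since two responses under the same `r` reveal `x`.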
Zero-Knowledge Proof Explained: Types of ZK Protocols
ZK SNARK
ZK SNARK, or Zero-Knowledge Succinct Non-Interactive Argument of Knowledge, is a protocol that generates ZK proofs. ZK SNARK possesses the following properties:
- Zero-knowledge: No information is revealed about the statement during validation. The only knowledge a verifier has is whether the statement is true or false.
- Succinct: The ZK proof is small enough to be verified quickly.
- Non-interactive: The prover and verifier interact only once, making it faster and more efficient.
- Argument: The ZK proof is sound and is difficult to cheat.
- Of Knowledge: The ZK proof for a statement cannot be created without access to the secret information.
ZK STARK
ZK STARK, or Zero-Knowledge Scalable Transparent Argument of Knowledge, is similar to ZK SNARK. While they do share similar properties, ZK STARK is considered more scalable.
It can produce proofs for large data sets and is faster at proof-generating and verification processes than ZK SNARK when the size of the witness is large.
ZK STARK is also considered more transparent than ZK SNARK as it does not need a trusted setup to function.
Use Cases of ZK Proofs
ZK Rollups
A major talking point for ZK-proof technology is its use in scaling the Ethereum network via Layer-two (L2) rollups.
Rollups process and verify transactions off-chain, bundle them together, and post them on the main chain. The main advantage of using L2 rollups is that they make gas fees on Layer-one (L1) cheaper and allow the L1 to process transactions faster and in higher volumes.
ZK proofs are used to verify the correctness of the off-chain execution. So the L2 will execute transactions off-chain and submit ZK proofs for verification to the L1.
Private Transactions
ZK proof is a privacy-preserving technology that is being used in the cryptocurrency industry to allow users to make anonymous transactions.
Crypto transactions are transparent. The wallet addresses, account balances, and transaction time stamps are published on blockchain databases. Even though wallet addresses are pseudonymous, it is not impossible to associate wallet addresses with real identities.
Privacy-focused cryptocurrencies like Zcash use ZK SNARKS to hide private information. Tornado Cash utilizes ZK proofs to allow users to conduct private transactions on Ethereum.
Identity Protection and Authentication
ZK proofs allow users to create personal identifiers that do not expose private information. If ZK proofs go mainstream in the future, you will be able to identify yourself without revealing your passport information or your social security number.
ZK proofs will also enable users to authenticate their identities where this is required to access websites and applications.
Limitations of ZK Proofs
- Hardware expenses: Specialized computers are required for complex calculations when verifying a ZK proof. These machines are expensive, creating a barrier to adoption and promoting the centralization of computing power.
- High gas fees: The high hardware cost required for complex computations in ZK protocol is passed on to the end user. Therefore ZK rollups tend to charge more gas fees compared to Optimistic rollups.
- Trust assumptions: ZK SNARKs use a common reference string that can be reused by parties who wish to participate in the ZK protocol. This common reference string is created in a trusted setup where participants are assumed to be honest.
- Quantum computing threats: Advancements in the field of quantum computing are a threat to the security model of ZK SNARK protocols.
The Bottom Line
ZK proofs have unlocked a new way to verify information. They enable secure transactions and protect sensitive and private information by default.
ZK technology is also at the forefront of scaling Ethereum, the most popular smart contracts blockchain in the world.